From the March/April 2012 Issue, "In 2010 Oracle committed to delivering new SPARC chips and server hardware every 12 to 18 months. Over a five-year period, this SPARC roadmap called for improvement of 4 times the cores, 32 times the threads, 16 times the memory capacity, 40 times the database transactions, and 10 times the Java operations per second. So far, on-the-ground results exceed those commitments.

Instead of what was promised on the SPARC and Oracle Solaris roadmap, Oracle is delivering more. The driving time to major SPARC milestones has gotten shorter, and with the recent release of the SPARC T4 chip, Oracle is providing better-than-promised performance."

"Protecting your data should be the No. 1 priority on your companys agenda.
Once all of your other equipment and systems are in place, you have to be able
to protect them and the information they store. After all, without this data, most
companies wouldnt be able to function. 'If you lose your data, you are likely to
lose your company,' says Pierluigi Stella, CTO at Network Box USA. 'That to me seems reason
enough to protect your data.'

Stella says that encryption is the key because if hackers cant see it, they cant
steal it, but there are also other factors to consider. Well show you a few simple
ways to protect your data and help prevent outside threats from getting through ..."

"Perhaps the most consistent trend (for more than eight years now) in data storage, covering both the enterprise and consumer markets, is the continued development and improvement of solid-state disk NAND flash media. All the major storage and device companies offer solid-state drive (SSD) options for be servers, laptops and other devices. Tablet PCs have been using NAND flash all along, and their skyrocketing sales have been a huge validation of the media's market value. In the data center environment, however, there are some precautions and limitations in NAND flash that should be discussed and evaluated ahead of a major investment ..."

"As SSD capacity continues to increase and prices drop, use of SSD for enterprise tier 1 applications is going to become more and more common. At the same time, enterprises are adopting scale-out architectures. It's an exciting time to be involved in enterprise storage.

Moore's Law is definitely in effect when it comes to solid state storage, and as the technology and market mature, the storage world is moving towards a place where SSDs are not just silicon disks, but full solid state systems, says Kurt Marko ..."

"In most organizations today, there is sensitive data that is overexposed and vulnerable to misuse or theft, leaving IT in an ongoing race to prevent data loss. Packet sniffers, firewalls, virus scanners, and spam filters are doing a good job securing the borders, but what about insider threats? The threat of legitimate, authorized users unwittingly (or wittingly) leaking critical data just by accessing data that is available to them is all too real. Analyst firms such as IDC estimate that in 5 years, unstructured data, which makes up 80 percent of organizational data, will grow by 650 percent ..."

"Scientists at IBM Research today said they have achieved a major advance in quantum computing that will allow engineers to begin work on creating a full-scale quantum computer.

The breakthrough allowed scientists to reduce data error rates in elementary computations while maintaining the integrity of quantum mechanical properties in quantum bits of data, known as qubits.

The creation of a quantum computer would mean data processing power would be exponentially increased over what is possible with today's conventional CPUs, according to Mark Ketchen, the manager of physics of information at the IBM's TJ Watson Research Center in Yorktown Heights, NY ..."

"Transistors and integrated circuits, while not thought of daily in the enterprise, nevertheless have a profound and direct effect on what can be accomplished with computing technology.

One of the tenets of computing has long been Moore's Law, named for Intel co-founder Gordon Moore, who, in a 1965 paper, posited that the number of transistors that can be placed inexpensively on an integrated circuit doubles approximately every two years. Moore was uncannily correct, for the law has been used, successfully, in semiconductor and computer industry planning for half a century.

In its third annual report, Coverity concludes that the quality of open source code is equal to, or even better than that of proprietary software. Coverity analyzed more than 37 million lines of open source code from 45 major open source projects and over 300 million lines of proprietary software code. The open source projects were found to have an average defect density of 0.45, based on the number of defects per 1,000 lines of code, and the proprietary code was found to have 0.64 defects in every 1,000 lines of proprietary software code.

"At this month's Cloud Connect event, David Linthicum, CTO of Blue Mountain Labs, gave an informative one-hour talk on cloud architecture and design. It concluded with a list of 17 steps to getting it right ..."

"'Most of this is just common sense,' he told the crowd. To a practiced architect it may be common sense, but to some first-time implementers, it's clearly a challenge. The fact that 17 steps are involved may indicate that when it comes to cloud computing, common sense may be less common than some imagine ..."

"With the endless amount of cloud computing options to choose from
selecting the right service for your company can be overwhelming. Do
you go with public versus private cloud computing? Technology stacks
or service-level agreements? This expert e-guide from
SearchCloudComputing.com explains how to uncover the best cloud
solution for your company. Find out how to evaluate cloud computing
services and discover how to focus on your IT departments strategy
around two service delivery approaches ..."

"Employees with something to lose will try to thwart your private cloud plans. The boss needs to take charge ... Private cloud is inevitable, but that doesn't mean the road is going to be smooth. One of the major roadblocks is going to be your own staff, so we can expect the same tar-pitted demise of traditional server and storage infrastructures as we experienced with the decline of mainframe computing.

Why not get out ahead of the curve, rip off the Band-Aid, and start to realize the substantial benefits of private clouds? We should all be so lucky. Truth is, substantial change is hard and is met with resistance ..."

"What if a cloud computing infrastructure could recognize a cyberattack, eliminate it, and never stop working while all that is being done? That's what researchers at MIT, with help from the federal government, are investigating the feasibility of.

Researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have received funding from the Defense Advanced Research Projects Agency (DARPA) to bring about a cloud infrastructure that could identify cyberattacks and heal itself from any damages ..."

"The growing shift to cloud computing can deliver significant value -- but most enterprises have little knowledge of the perils of transferring IT decision making away from technology specialists to business unit leaders.

Eliminating oversight and governance from cloud computing decisions can create significant risk to organizations, effectively undermining any benefits of moving to the cloud and, at the same time, potentially creating serious issues for organizations ..."

"There is no guarantee for cloud deployment success -- but there's a path that can strongly increase the odds ...

Technology vendors like to sell "guaranteed" success for building your own cloud computing service, whether public, private, or hybrid. Don't believe them. In my consulting work, I find the path to success is not that straightforward.

But there is a path to success, and based on my experience, here's my set of guidelines for the definition, design, and implementation of cloud computing solutions. It should at least push you in the right direction ... "

"Whether you call it social media, social networking, or social business (I prefer the latter), the end goal, for business users, is to improve the bottom line. The dotcom era taught us that the models may change but the fundamentals of business remain constant. I have realized, as a CIO, that I've had to let go of my fears and embrace social media, for the betterment of my organization ..."

"What are some of the key security concerns that CIOs need to address, with the development of a BYOD environment in the enterprises? ...

Consumerization of IT provides many opportunities, but it also creates some security challenges. Much of these challenges are rooted in the fact that the mobility of these devices introduces security management issues around access control, data protection and compliance, as well as the fact that employee-owned devices used for work introduce added IT complexity -- its not always clear who owns the device, and furthermore, who owns what data on the device ..."

"Even though many finance chiefs seem to think the days of the CIO role may be numbered, IT leaders still have a number of options to strengthen their hand.

The headline figures make grim reading for IT professionals hoping to build a long-term career as a CIO. Almost one in five CFOs thinks the CIO role will disappear within five years, according to new research.

Worse, the survey of 203 key financial decision-makers by IT specialist Getronics and consultancy Loudhouse suggests 43 per cent of CFOs believe the IT leadership role will inevitably merge with the top finance position.

"Do you have a Risk Management Plan (RMP)? If you do not, then this article is not for you. If you are managing a project of any size and you have not developed a Risk Management Plan, then your project is most likely already in trouble.

If your answer is yes, then you may want to continue reading this article. Many people talk about and also attempt to develop a Risk Management Plan but either give up on it or place the effort in the low-priority to-do list ..."

"The development of recovery times for both the business organizations business continuity plan and the IT departments disaster recovery plan need to be developed through the collaboration of both parties for either plan to provide the proper protection. However in my thirty-five years in the business continuity and resiliency field I have found in many situations they are not.

The reasons for this can be timing or a lack of knowledge of the overall business continuity and/or disaster recovery planning process coupled with a lack of understanding of each others real recovery timing needs ..."

"The Chairman of the Federal Communications Commission, an independent agency of the US government whose goals include public safety, says that Internet service providers should come up with a voluntary code of conduct aimed at keeping their customers and the Internet infrastructure safe from various threats.

As the danger of getting cut off the Internet looms over around 400,000 users still compromised by the DNS Changer malware, it seems clear that users should not be wholly counted upon keeping their machines from falling into botnet masters' hands ..."

"It used to be that enterprises could plan for a one-device-per-user ratio. But with BYOD, each employee uses multiple devices, putting significant strain on traditional wireless network bandwidth infrastructures.

In the bring your own device (BYOD) era, a corporate wireless network that scales to 50 devices is no longer enough, said Rob Shaughnessy, CTO of Circadence, a WAN optimization company based in Boulder, Colo ..."

"There's a debate emerging in the IT community about the use of flat networks vs. traditional tiered networks. In a flat network, hosts on the same subnet dont require the use of a Layer 3 switch or router to communicate. This reduction in L3 activity can make flat networks more efficient and increase network performance. Flat networks can also support highly virtualized environments and key virtualization features such as virtual machine migration.

However, by moving to a flat network, common L3 filtering controls such as firewalls and access control lists wont necessarily be available because more devices will sit on the same subnet ..."

"Administrators and network engineers have long assumed that the more connections they insert between multiple networks the more resilient the communications between these networks will be. The Internet, for example, derives much of its resiliency from multiple, redundant links. But this is true only up to a point. Too many connections can actually be dangerous, because failures in one network can easily cascade to the other, noted Charles Brummitt, a mathematics researcher at the University of California, Davis, who led a team that looked into this issue ..."

"The lion's share of attacks that target companies will be opportunistic scams and cybercrime, but companies that want to protect their customer information and corporate intellectual property need to also worry about the more persistent attackers.

While the term 'advanced persistent threat' (APT) has become a marketing buzzword, persistent attackers do pose a real threat for companies, Greg Hoglund, founder and chief technology officer of HBGary, told attendees here today at the RSA Conference. As attackers learn the benefits of quietly establishing a beachhead inside corporate networks, corporate IT security teams need to assume that the bad guys have already made it past their defenses and actively hunt down the intruders in their networks ..."

"VPNs have emerged as a safe way for
users to exchange information from beyond
the enterprises firewall. In addition to
doing a good job of keeping bad guys from
being able to intercept data, VPN connections
are easy to useonce they are up
and running. The problem is that a number
of things, including IP address conflicts
and firewall configuration problems, can
break the links.

Troubleshooting VPN connections can
cause a lot of headaches, and with overstretched
IT staff, fixing problems can eat
up hours, if not days, of time. But keeping
a cool head and methodically applying
troubleshooting processes can spare you
and your users a lot of grief ..."

"Getting it right the first time is crucial when selecting a colocation provider,
says Darin Stahl, Info-Tech Research Group lead analyst. For example, SMEs that move
equipment into a providers space only to have to switch providers shortly after due
to lack of foresight will pay a heavy price.

'When you get into a colocation, switching costs are enormous, he says. 'This isnt like buying a bunch of photocopiers, being unhappy with them, and putting them to
the curb and getting new Xeroxes in. Its a big deal to go through switching.' To find a
good fit with a colocation provider, consider the following ..."

"One of the top challenges new PM types face is facing, and then dealing, with reality. That point in the project when things just arent going as planned

At the beginning of the project your Gantt view is a work of art  each dependency perfectly linked, all tasks accounted for, the ideal project team fully secured, plus your project will be ready to launch a full week before the deadline. All is good in the world.

But then a team member is out sick for days on end, the key-art has been delayed a week, the client demands another design round ..."

"There's always a reason why things break in IT, and the powers-that-be can usually find someone to blame -- be it a data center operations staff member, an OEM, a systems integrator or a third party service provider.

An offender often leaves clear fingerprints showing that a component was mislabeled or a process wasn't updated. In other cases, an incident may be the result of oversights by multiple parties.

But with the possible exception of a meteor strike, there's always someone to blame for a data center problem ..."

"Organizations that look to protect themselves against attacks launched by the Anonymous hacktivist collective should make sure that their Web applications are secure before deploying anti-DDoS (distributed denial-of-service) solutions, says security firm Imperva in a new report.

The report analyzes a 2011 Anonymous attack against an organization that Imperva declined to name, but claims is well-known. 'This is the first time we're aware of someone chronicling, from cradle to grave, a full Anonymous attack,' said Rob Rachwald ..."

"Information security specialists like to argue over a lengthy list of possible metrics to measure their systems' security posture.

For managers and executives, however, the picture needs to be simplified to a less controversial collection of measurements. While security administrators focus on technical metrics, managers and chief security officers have to focus on how IT security interacts with business, says Kevin Lawrence, senior security associate with IT security consultancy Stach & Liu ..."

"When I checked in at the RSA 2012 conference, I was directed to wear my badge at all times.

'You won't be able to go anywhere without it,' a registration official informed me.

But this does not seem to be an obstacle for my anonymous source, whom I met on the first day of the conference. A risk management and physical security expert, he is in the business of 'pen-testing humans' via social engineering, he said, and he also has an expertise in event security. I met him while I was covering the event, and he agreed to give me details of how he snuck into RSA in a matter of minutes without any credentialsand then went back and got credentials under a fake name to boot ..."

"It's a tough world out there. Anyone whos ever worked in IT knows just how tough it is. And if youre not totally up for the challenge, there will always be someone else who is. But for anyone considering getting into the world of IT, or for those considering getting out of IT ... how do you know? How do you know whether you are really cut out for the career that chews up and spits out its young? ..."

"Your reputation precedes you, and it may not be pretty. What we post online -- or what our friends post on our social-media pages -- can tarnish our professional and personal images. A survey from Microsoft says were not dealing very well with this reality (most people wont even conduct a simple search for their own names). Ultimately, though, your chances for success depend on getting proactive ..."

"If your company is like many others, youre already exploring social media. But are these efforts providing real value? Or is social media perceived as more like a novelty -- interesting enough, occasionally amusing but ultimately disconnected from the delivery of business-focused outcomes? The book, 'The Social Organization: How to Use Social Media to Tap the Collective Genius of Your Customers and Employees', reveals what CIOs and other senior executives must understand about social media to maximize its potential ..."

If there's any silver lining to the past few years of a tough economy, it's that organizations have learned firsthand the benefits of embracing greener, more efficient practices to cut costs, rather than outright eliminating valuable services. In fact, a new study conducted by O'Keefe and Company and sponsored by CDW-G has found that organizations can reap even greater returns on their sustainable IT investments by reinvesting savings into additional green-tech implementations ..."

"The best insurance for your organization is often the processes required for compliance ...

Ive often thought that many businesses not subject to compliance requirements should still pick one or two compliance standards and become at least informally compliant. While that may seem like a lot of extra, expensive work, if done with thought and prudence, it can be better insurance than anything a company can buy ..."

"Companies are grappling with the question of whether and how to let employees use their own smartphones and tablets at work even as a huge push is being made to set up internal "app stores" of approved and custom-built corporate mobile apps.

'We identified our needs, and we're planning on custom mobile apps,' says Lincoln Cannon, director of sales and marketing technology at Utah-based Merit Medical Systems, a maker of medical equipment. The company has few reservations about allowing employees to use Apple iPads, including their own, to present information to business customers and allow access to cloud-based services, such as Google Docs, where product-related documents and videos are placed ..."

"The idea of having a chief mobility officer (CMO) isn't new in the enterprise world. But as companies now scramble to establish mobile strategies, a CMO could be one key to success, according to a new Forrester Research report.

Smartphones and tablets are "the manifestation of a much broader shift to new systems of engagement" with customers, partners and employees, Forrester said in the 30-page report ..."

February 2012 was a coming-of-age for the LibreOffice open source productivity suite. Multiple announcements show the project is well-supported and thriving. But what of the future?

Formed out of Oracle's neglect of the OpenOffice.org project by a community uprising in 2010, LibreOffice quickly gathered a critical mass of developers to work on it, drawn from a diverse set of backgrounds and motivations. They hunkered down on the tasks that had been hard to address while the project was in the hands of Sun Microsystems (where I was once employed), such as removing unused code from the project's two-decade legacy or making it possible for a beginner to get involved through Easy Hacks. A year and a half later, there's much to show for their efforts, yet so much more to do.

Solaris 11 has been submitted for certification by the Canadian Common Criteria Scheme in Level EAL4+. Certification will be against the protection profile "Operating System Protection Profile (OS PP)" as well as the extensions Advanced Management (AM); Extended Identification and Authentication (EIA); Labeled Security (LS); and Virtualization (VIRT). According to Oracle, EAL4+ is the highest level typically achievable for commercial software. Completion of the certification lies in the hands of the certification authority. Readers can follow the status of this certification (as well as other certified Oracle software) on the page Oracle Security Evaluations.